package com.cn.xcsharp.util;
//路由器特殊字符过滤
public class StrFilterUtils {
    // 非法xss 字符
    //private static String[] SAFE_LESS = { "set-cookie", "<", "%3c", "%3e", ">", "\\" };
    // 非法注入字符
    //private static String[] SAFE_LESS = { "and","/","*","%","select","insert","update","delete" };
    private static String[] SAFE_LESS = {
            "set-cookie", "<", "%3c", "%3e", ">", "\\", "'", "“", "--", "=", "(", ")", "+"," "
            ,"and","/","*","%","select","insert","update","delete","from","version","db_name","or","ascii","substr"
            ,"script","alert","documnet","value"
    };
    /**
     * 判断URL是否存在非法字符
     * */
    public boolean isSafeStr(String str) {
        try {
            for (String s : SAFE_LESS) {
                if (str.toLowerCase().contains(s)) {
                    return false;
                }
            }
        } catch (Exception e) {
            return false;
        }
        return true;
    }
}
